<?php
header("Content-Type:text/html; charset=utf-8");
include_once('inc/init.php');

$action=strFilter($_GET["action"]);
switch($action){
	case "Login":

	break;
	
	case "checkUserValid":
		$u = strFilter($_GET["u"]);
		if(!isValidName($u)){
			exit("用户名中含有非法字符");
		}
		
		foreach(explode(",", $cache_settings['reservedkeyword']) as $rkey){
			if(!empty($rkey) && stristr($u,$rkey)){
				exit("用户名含有禁用关键字");
			}
		}

		$row=$db->row_select_one("users","username='{$u}'");
		if($row!=null){
			echo("该用户名已经被注册了");
		}else{
			echo("y");
		}
		
	break;

	case "checkEmailValid":
		$e = strFilter($_GET["e"]);
		if(!isValidEmail($e)){
			echo("邮箱格式不正确");
		}else{
			$row=$db->row_select_one("users","email='{$e}'");
			if($row!=null){
				echo("该邮箱已经被使用了");
			}else{
				echo("y");
			}
		}
	break;

	case "checkSecurityCode":
		$v = strFilter($_GET["v"]);
		if(strtolower($_SESSION['validationcode'])!=strtolower($v)){
			echo("验证码错误");
		}else{
			echo("y");
		}
	break;


	case "getUserpass":
		$eu = strFilter($_POST["username"]);
		$ev = strFilter($_POST["email"]);
		$sv = strFilter($_POST["securitycode"]);
		if(strtolower($_SESSION['validationcode'])!=strtolower($sv)){
			exit("验证码错误。");
		}
		$row=$db->row_select_one("users","username='{$eu}' and email='{$ev}'");
		if(empty($row)){
			echo("用户不存在，请检查后重试。");
		}else{
			$d=$_SYS['time']-3*24*3600;
			$db->row_delete("userfield","(userid={$row['id']} and type=1) or (createtime<{$d})");
			$activecode=md5($row['username'].$row['userpass'].$_SYS['time'].mt_rand(1000,9999));
			$userfield['userid'] = $row['id'];
			$userfield['code'] = $activecode;
			$userfield['createtime'] = $_SYS['time'];
			$userfield['type'] = 1;	//重置密码
			$db->row_insert("userfield",$userfield);
			$url=getUrlPath()."/public.php?action=resetpass&uid={$row['id']}&code={$activecode}";
			$subject="重置密码——{$cache_settings['bbsname']}";
			$body="尊敬的{$row['username']},<br />您好！这是由<a href=\"{$cache_settings['url']}\" target=\"_blank\">{$cache_settings['bbsname']}</a>发出的密码重置邮件，请点击下面的链接重置您的密码。<br /><a href=\"{$url}\" target=\"_blank\">{$url}</a>";
			require_once('inc/email.php');
			if(sendMail($cache_settings['mailsendtype'], $row['email'], "", $subject, $body)){
				echo("y");
			}else{
				echo("邮件发送失败，请联系管理员。");
			}			
		}
		
	break;


	case "getActiveCode":
		$eu = strFilter($_POST["username"]);
		$ev = strFilter($_POST["email"]);
		$sv = strFilter($_POST["securitycode"]);
		if(strtolower($_SESSION['validationcode'])!=strtolower($sv)){
			exit("验证码错误。");
		}
		$row=$db->row_select_one("users","username='{$eu}' and email='{$ev}'");
		if(empty($row)){
			echo("用户不存在，请检查后重试。");
		}else{
			if($cache_settings['issignupverify']!='2'){
				exit("系统禁止用户通过邮件激活。");
			}
			if($row['groupid']!=GROUP_NOVERIFY){
				exit("该用户已经激活，无需发送激活邮件。");
			}
			$d=$_SYS['time']-3*24*3600;
			$db->row_delete("userfield","(userid={$row['id']} and type=0) or (createtime<{$d})");
			$activecode=md5($row['username'].$row['userpass'].$_SYS['time'].mt_rand(1000,9999));
			$userfield['userid'] = $row['id'];
			$userfield['code'] = $activecode;
			$userfield['createtime'] = $_SYS['time'];
			$userfield['type'] = 0;	//用户激活
			$db->row_insert("userfield",$userfield);
			$url=getUrlPath()."/public.php?action=active&uid={$row['id']}&code={$activecode}";
			$subject="用户激活邮件——{$cache_settings['bbsname']}";
			$body="尊敬的{$row['username']},<br />您好！这是由<a href=\"{$cache_settings['url']}\" target=\"_blank\">{$cache_settings['bbsname']}</a>发出的用户激活邮件，请点击下面的链接激活您的帐号。<br /><a href=\"{$url}\" target=\"_blank\">{$url}</a>";
			require_once('inc/email.php');
			if(sendMail($cache_settings['mailsendtype'], $row['email'], "", $subject, $body)){
				echo("y");
			}else{
				echo("邮件发送失败，请联系管理员。");
			}
		}
		
	break;

	
	
	default:
		echo"No Such Action";
	break;
}
?>
